[Date Prev][Date Next]
(ITS#6738) missing checks for ber errors
Full_Name: Hallvard B Furuseth
Submission from: (NULL) (184.108.40.206)
Submitted by: hallvard
There are a fair number of ber calls which do not check for
errors: Just ber_scanf and use the expected output variable,
which may or may not have a useful NULL value on error.
Syncrepl is particularly bad. This in slapd/ and libldap/:
egrep '^<tab>*ber_(scanf|get_)' *.c */*.c
returns mostly syncrepl matches. I can't even fix these
easily because there's not enough error handling code to
grepping for ber_(printf|put_) find other modules as well.